Documentation ¶
Index ¶
- func CheckAlreadyRunning(path string) error
- type Config
- type Endpoints
- func (e *Endpoints) ClusterUpdateAddress(address string) error
- func (e *Endpoints) Down() error
- func (e *Endpoints) MetricsAddress() string
- func (e *Endpoints) MetricsUpdateAddress(address string, cert *localtls.CertInfo) error
- func (e *Endpoints) NetworkAddress() string
- func (e *Endpoints) NetworkCert() *localtls.CertInfo
- func (e *Endpoints) NetworkPrivateKey() []byte
- func (e *Endpoints) NetworkPublicKey() []byte
- func (e *Endpoints) NetworkUpdateAddress(address string) error
- func (e *Endpoints) NetworkUpdateCert(cert *localtls.CertInfo)
- func (e *Endpoints) NetworkUpdateTrustedProxy(trustedProxy string)
- func (e *Endpoints) PprofAddress() string
- func (e *Endpoints) PprofUpdateAddress(address string) error
- func (e *Endpoints) StorageBucketsAddress() string
- func (e *Endpoints) StorageBucketsUpdateAddress(address string, cert *localtls.CertInfo) error
- func (e *Endpoints) UpMetrics(listenAddress string) error
- func (e *Endpoints) UpStorageBuckets(listenAddress string) error
- func (e *Endpoints) VsockAddress() net.Addr
Functions ¶
func CheckAlreadyRunning ¶
CheckAlreadyRunning checks if the socket at the given path is already bound to a running process, and returns an error if so.
FIXME: We should probably rather just try a regular unix socket connection without using the client. However this is the way this logic has historically behaved, so let's keep it like it was.
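The plain unix socket connection the FIXME mentions could look like the following. This is an added sketch, not the package's implementation; socketInUse and the path in main are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"net"
	"syscall"
	"time"
)

// socketInUse reports whether a process is accepting connections on the
// unix socket at path. Hypothetical helper, not part of the endpoints package.
func socketInUse(path string) (bool, error) {
	conn, err := net.DialTimeout("unix", path, time.Second)
	if err == nil {
		_ = conn.Close()
		return true, nil // the connection was accepted: a daemon owns the socket
	}
	switch {
	case errors.Is(err, fs.ErrNotExist):
		return false, nil // no socket file at all
	case errors.Is(err, syscall.ECONNREFUSED):
		return false, nil // stale file left behind, nobody is listening
	}
	// EACCES, timeouts and similar: the state is unknown, so surface the error
	// rather than letting the caller unlink a socket that may still be live.
	return false, fmt.Errorf("probe %s: %w", path, err)
}

func main() {
	inUse, err := socketInUse("/tmp/example-unix.socket") // constructed path
	fmt.Println(inUse, err)
}
```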
Types ¶
type Config ¶
type Config struct {
	// The directory to create Unix sockets in.
	Dir string

	// UnixSocket is the path to the Unix socket to bind
	UnixSocket string

	// HTTP server handling requests for the REST API.
	RestServer *http.Server

	// HTTP server for the internal /dev/incus API exposed to containers.
	DevIncusServer *http.Server

	// The TLS keypair and optional CA to use for the network endpoint. It
	// must be always provided, since the public key will be included in
	// the response of the /1.0 REST API as part of the server info.
	//
	// It can be updated after the endpoints are up using NetworkUpdateCert().
	Cert *localtls.CertInfo

	// System group name to which the unix socket for the local endpoint should be
	// chgrp'ed when starting. The default is to use the process group. An empty
	// string means "use the default".
	LocalUnixSocketGroup string

	// SELinux label to apply to the socket.
	LocalUnixSocketLabel string

	// NetworkSetAddress sets the address for the network endpoint. If not
	// set, the network endpoint won't be started (unless it's passed via
	// socket-based activation).
	//
	// It can be updated after the endpoints are up using NetworkUpdateAddress().
	NetworkAddress string

	// Optional dedicated network address for clustering traffic. If not
	// set, NetworkAddress will be used.
	//
	// It can be updated after the endpoints are up using ClusterUpdateAddress().
	ClusterAddress string

	// Address of the debug endpoint.
	//
	// It can be updated after the endpoints are up using PprofUpdateAddress().
	DebugAddress string

	// HTTP server handling requests for the metrics API.
	MetricsServer *http.Server

	// HTTP server handling requests for the storage buckets API.
	StorageBucketsServer *http.Server

	// HTTP server handling requests from VMs via the vsock.
	VsockServer *http.Server

	// True if VMs are supported.
	VsockSupport bool
}
Config holds various configuration values that affect endpoints initialization.
type Endpoints ¶
type Endpoints struct {
// contains filtered or unexported fields
}
Endpoints are in charge of bringing up and down the HTTP endpoints for serving the REST API.
func Up ¶
Up brings up all applicable endpoints and starts accepting HTTP requests.
The endpoints will be activated in the following order and according to the following rules:
local endpoint (unix socket)
----------------------------
If socket-based activation is detected, look for a unix socket among the inherited file descriptors and use it for the local endpoint (or if no such file descriptor exists, don't bring up the local endpoint at all).
If no socket-based activation is detected, create a unix socket using the default <var-path>/unix.socket path. The file mode of this socket will be set to 660, the file owner will be set to the process' UID, and the file group will be set to the process GID, or to the GID of the system group name specified via config.LocalUnixSocketGroup.
devIncus endpoint (unix socket)
----------------------------
Created using <var-path>/dev_incus/sock, with file mode set to 666 (actual authorization will be performed by the HTTP server using the socket ucred struct).
remote endpoint (TCP socket with TLS)
-------------------------------------
If socket-based activation is detected, look for a network socket among the inherited file descriptors and use it for the network endpoint.
If a network address was set via config.NetworkAddress, then close any listener that was detected via socket-based activation and create a new network socket bound to the given address.
The network endpoint socket will use TLS encryption, using the certificate keypair and CA passed via config.Cert.
cluster endpoint (TCP socket with TLS)
-------------------------------------
If a network address was set via config.ClusterAddress, then attach config.RestServer to it.
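The unix socket rules above, as an added Go example that is not the package's own code: a listener helper that applies an explicit file mode and group, as described for the local endpoint, and an SO_PEERCRED lookup of the kind a server behind a mode 666 socket needs in order to authorize callers from the socket ucred struct. listenUnix, peerCred and the path in main are hypothetical; the credential lookup is Linux-only.

```go
package main

import (
	"fmt"
	"net"
	"os"
	"syscall"
)

// listenUnix binds path, then sets its mode and (when gid >= 0) its group.
func listenUnix(path string, mode os.FileMode, gid int) (*net.UnixListener, error) {
	l, err := net.ListenUnix("unix", &net.UnixAddr{Name: path, Net: "unix"})
	if err != nil {
		return nil, err
	}
	// bind() creates the file with umask-derived permissions; set them explicitly.
	err = os.Chmod(path, mode)
	if err == nil && gid >= 0 {
		err = os.Chown(path, -1, gid) // -1 keeps the owner (the process UID)
	}
	if err != nil {
		l.Close()
		return nil, err
	}
	return l, nil
}

// peerCred returns the kernel-recorded PID/UID/GID of the connecting process.
func peerCred(c *net.UnixConn) (*syscall.Ucred, error) {
	raw, err := c.SyscallConn()
	if err != nil {
		return nil, err
	}
	var cred *syscall.Ucred
	ctrlErr := raw.Control(func(fd uintptr) {
		cred, err = syscall.GetsockoptUcred(int(fd), syscall.SOL_SOCKET, syscall.SO_PEERCRED)
	})
	if ctrlErr != nil {
		return nil, ctrlErr
	}
	return cred, err
}

func main() {
	l, err := listenUnix("/tmp/example-dev.sock", 0o666, -1) // constructed path
	if err == nil {
		defer l.Close() // Close unlinks the socket file
	}
	fmt.Println("listening:", err == nil)
}
```

With mode 666 any local process can connect, so the values returned by peerCred are the only trustworthy identity: they are filled in by the kernel at connect time and cannot be set by the client.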
func (*Endpoints) ClusterUpdateAddress ¶
ClusterUpdateAddress updates the address for the cluster endpoint, shutting it down and restarting it.
func (*Endpoints) MetricsAddress ¶
MetricsAddress returns the network address of the metrics endpoint, or an empty string if there's no metrics endpoint.
func (*Endpoints) MetricsUpdateAddress ¶
MetricsUpdateAddress updates the address for the metrics endpoint, shutting it down and restarting it.
func (*Endpoints) NetworkAddress ¶
NetworkAddress returns the network address of the network endpoint, or an empty string if there's no network endpoint.
func (*Endpoints) NetworkCert ¶
NetworkCert returns the full TLS certificate information for this endpoint.
func (*Endpoints) NetworkPrivateKey ¶
NetworkPrivateKey returns the private key of the TLS certificate used by the network endpoint.
func (*Endpoints) NetworkPublicKey ¶
NetworkPublicKey returns the public key of the TLS certificate used by the network endpoint.
func (*Endpoints) NetworkUpdateAddress ¶
NetworkUpdateAddress updates the address for the network endpoint, shutting it down and restarting it.
func (*Endpoints) NetworkUpdateCert ¶
NetworkUpdateCert updates the TLS keypair and CA used by the network endpoint.
If the network endpoint is active, in-flight requests will continue using the old certificate, and only new requests will use the new one.
func (*Endpoints) NetworkUpdateTrustedProxy ¶
NetworkUpdateTrustedProxy updates the HTTPS trusted proxy used by the network endpoint.
func (*Endpoints) PprofAddress ¶
PprofAddress returns the network address of the pprof endpoint, or an empty string if there's no pprof endpoint.
func (*Endpoints) PprofUpdateAddress ¶
PprofUpdateAddress updates the address for the pprof endpoint, shutting it down and restarting it.
func (*Endpoints) StorageBucketsAddress ¶
StorageBucketsAddress returns the network address of the storage buckets endpoint, or an empty string if there's no storage buckets endpoint.
func (*Endpoints) StorageBucketsUpdateAddress ¶
StorageBucketsUpdateAddress updates the address for the storage buckets endpoint, shutting it down and restarting it.
func (*Endpoints) UpStorageBuckets ¶
UpStorageBuckets brings up the storage buckets listener on the specified address.
func (*Endpoints) VsockAddress ¶
VsockAddress returns the network address of the vsock endpoint, or nil if there's no vsock endpoint.